代码拉取完成,页面将自动刷新
一、漏洞信息
漏洞编号:CVE-2024-57798
漏洞归属组件:kernel
漏洞归属的版本:4.19.140,4.19.194,4.19.90,5.10.0,6.1.19,6.4.0,6.6.0
CVSS V3.0分值:
BaseScore:7.8 High
Vector:CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞简述:
In the Linux kernel, the following vulnerability has been resolved:drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()While receiving an MST up request message from one thread indrm_dp_mst_handle_up_req(), the MST topology could be removed fromanother thread via drm_dp_mst_topology_mgr_set_mst(false), freeingmst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL.This could lead to a NULL deref/use-after-free of mst_primary indrm_dp_mst_handle_up_req().Avoid the above by holding a reference for mst_primary indrm_dp_mst_handle_up_req() while it s used.v2: Fix kfreeing the request if getting an mst_primary reference fails.
漏洞公开时间:2025-01-11 21:15:29
漏洞创建时间:2025-01-22 17:01:08
漏洞详情参考链接:
https://nvd.nist.gov/vuln/detail/CVE-2024-57798
漏洞分析指导链接:
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
漏洞数据来源:
openBrain开源漏洞感知系统
漏洞补丁信息:
| 影响的包 | 修复版本 | 修复补丁 | 问题引入补丁 | 来源 |
|---|---|---|---|---|
| https://git.kernel.org/stable/c/9735d40f5fde9970aa46e828ecc85c32571d58a2 | nvd | |||
| https://git.kernel.org/stable/c/ce55818b2d3a999f886af91679589e4644ff1dc8 | nvd | |||
| https://git.kernel.org/stable/c/e54b00086f7473dbda1a7d6fc47720ced157c6a8 | nvd | |||
| https://git.kernel.org/stable/c/f61b2e5e7821f868d6afc22382a66a30ee780ba0 | nvd | |||
| linux_kernel | 6.1.123 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f61b2e5e7821f868d6afc22382a66a30ee780ba0Fixed | linuxkernelcves | |
| linux_kernel | 6.6.69 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9735d40f5fde9970aa46e828ecc85c32571d58a2Fixed | linuxkernelcves | |
| linux_kernel | 6.12.8 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ce55818b2d3a999f886af91679589e4644ff1dc8Fixed | linuxkernelcves | |
| linux_kernel | 6.13-rc2 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e54b00086f7473dbda1a7d6fc47720ced157c6a8Please | linuxkernelcves |
二、漏洞分析结构反馈
影响性分析说明:
In the Linux kernel, the following vulnerability has been resolved:drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()While receiving an MST up request message from one thread indrm_dp_mst_handle_up_req(), the MST topology could be removed fromanother thread via drm_dp_mst_topology_mgr_set_mst(false), freeingmst_primary and setting drm_dp_mst_topology_mgr::mst_primary to NULL.This could lead to a NULL deref/use-after-free of mst_primary indrm_dp_mst_handle_up_req().Avoid the above by holding a reference for mst_primary indrm_dp_mst_handle_up_req() while it's used.v2: Fix kfreeing the request if getting an mst_primary reference fails.The Linux kernel CVE team has assigned CVE-2024-57798 to this issue.
openEuler评分:
7.8
Vector:CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
受影响版本排查(受影响/不受影响):
1.openEuler-20.03-LTS-SP4(4.19.90):受影响
2.openEuler-22.03-LTS-SP3(5.10.0):受影响
3.openEuler-22.03-LTS-SP4(5.10.0):受影响
4.openEuler-24.03-LTS(6.6.0):受影响
5.openEuler-24.03-LTS-SP1(6.6.0):受影响
6.openEuler-24.03-LTS-SP2(6.6.0):受影响
7.master(6.12.33):不受影响
8.openEuler-24.03-LTS-Next(6.6.0):不受影响
修复是否涉及abi变化(是/否):
1.master(6.12.33):否
2.openEuler-20.03-LTS-SP4(4.19.90):否
3.openEuler-22.03-LTS-SP3(5.10.0):否
4.openEuler-22.03-LTS-SP4(5.10.0):否
5.openEuler-24.03-LTS(6.6.0):否
6.openEuler-24.03-LTS-Next(6.6.0):否
7.openEuler-24.03-LTS-SP1(6.6.0):否
8.openEuler-24.03-LTS-SP2(6.6.0):否
原因说明:
1.openEuler-22.03-LTS-SP3(5.10.0):正常修复
2.openEuler-22.03-LTS-SP4(5.10.0):正常修复
3.openEuler-24.03-LTS(6.6.0):正常修复
4.openEuler-24.03-LTS-SP1(6.6.0):正常修复
5.openEuler-24.03-LTS-SP2(6.6.0):正常修复
6.openEuler-20.03-LTS-SP4(4.19.90):不修复-超出修复范围
7.master(6.12.33):不受影响-漏洞代码不能被攻击者触发
8.openEuler-24.03-LTS-Next(6.6.0):不受影响-漏洞代码不能被攻击者触发
FileDragTip